Abstract: A multilayer ceramic capacitor includes: a multilayer structure in which dielectric layers and internal electrode layers are alternately stacked; wherein a main component of the dielectric layers is a ceramic material having a main phase having a perovskite structure (ABO3) wherein a B site includes an element solid-solved in the B site and acting as a donor; wherein an A site and the B site of the ceramic material includes a rare earth element, wherein (an amount of the rare earth element substitutionally solid-solved in the A site)/(an amount of the rare earth element substitutionally solid-solved in the B site) is 0.75 or more and 1.25 or less. The amount of the element acting as the donor in the B site is 0.05 to 0.3 atm % relative to a main component element of the B site.

Abstract: A sheet detection device includes, as detection pieces, a first detection piece integrally provided on a rotary shaft and a second detection piece attached to the first detection piece via a biasing member. The second detection piece is capable of rotation in conjunction with the first detection piece under a biasing force of the biasing member. When the second detection piece is brought into contact with a ceiling at an upper part of the rotary shaft, the second detection piece stops further rotation while the first detection piece is capable of rotation together with the rotary shaft against the biasing force.

Abstract: A non-transitory computer-readable recording medium storing a domain detection program for causing a computer to execute processing including: generating an anomalous character string similar to a predetermined domain name; and detecting a response that indicates association between domain information whose subdomain is the generated anomalous character string and an address based on response history information that indicates association between domain information and an address by a management server that manages the domain information.

Abstract: An unauthorized communication detection apparatus comprises: a reception module configured to receive operational data; a transmission module configured to transmit the operational data; an acquisition module configured to acquire a correction value for correcting a determination expression for calculating a score for determining whether the operational data is involved in unauthorized communication, based on a parameter for extending an application range of a specific learning model and on a specific feature amount corresponding to the specific learning model among a plurality of feature amounts of the operational data; a determination module configured to calculate the score based on the plurality of learning models, the plurality of feature amounts, and the correction value, and determine whether the operational data is involved in unauthorized communication based on the calculated score; and a transmission control module configured to control the transmission of the operational data based on a determinati

Abstract: The present disclosure provides an adsorbent which is produced using a low environmental load material as a raw material and adsorbs selenious acid selectively and efficiently. A selenious acid adsorbent according to the present disclosure includes a cellulose derivative (I) having a repeating unit represented by Formula (I).

Abstract: The present disclosure provides a cellulose derivative which has excellent storage stability and can selectively adsorb a valuable metal and a toxic metal. The cellulose derivative of the present disclosure has a repeating unit represented by Formula (I) below. In Formula (I) below. Ras are identical or different and are a hydrogen atom or a group represented by Formula (a) below. In Formula (a) below, ring Z represents a heterocycle containing a nitrogen atom as a heteroatom, and R1 represents a single bond or an alkylene group having from 1 to 10 carbons. Four R2s are identical or different, and each represent an alkyl group having from 1 to 10 carbons. At least one of all the Ras included in the cellulose derivative is a group represented by Formula (a) below.

Abstract: A non-transitory computer-readable storage medium storing a detection program that causes a processor included in a noise estimation apparatus to execute a process, the process includes acquiring domain information included in cyber attack information, acquiring record information corresponding to the acquired domain information from a second managing server, the second managing server managing a response history of a first managing server by monitoring communication of the first managing server, the first managing server managing an association between domain information and an IP address, the response history being related to the association between the domain information and the IP address, identifying an IP address that is repeatedly used and a name server associated with the identified IP address by analyzing the record information, and outputting first list information indicating the identified IP address and the identified name server.

Abstract: A non-transitory computer-readable recording medium storing a domain search program for causing a computer to execute processing, the processing including: generating a character string in which a character string of a domain of a first hierarchical level in a domain name space is concatenated with a character string of a domain of a second hierarchical level that is a lower hierarchical level relative to the first hierarchical level; and in a case where a domain of the generated character string is included in a domain list in which at least one particular domain is described, outputting information that serves as an indicator of unauthorized use of the particular domain.

Abstract: A evaluation method by a computer, the method includes: making, based on domain information included in input cyber attack information, an inquiry about whether an address associated with the domain information exists to multiple first servers that manage associations between the domain information and addresses; make an inquiry about an answer history related to the domain information to a second server that monitors communication of the first servers and manages answer histories, related to the associations between the domain information and the addresses, of the first servers; and outputting a result of diagnosing a threat detail of a cyber attack related to the domain information based on a ratio of the number of answers indicating that an address associated with the domain information does not exist with respect to the number of answers acquired from each of the first servers, and the answer histories acquired from the second server.

Abstract: A non-transitory computer-readable storage medium storing a program that cause a processor included in an information processing apparatus to execute a process, the process includes collecting a plurality of types of cyberattack information; evaluating a number of types of cyberattacks in which feature information of the cyberattack appears based on the collected cyberattack information; and when receiving specification of the feature information of a cyberattack, responding evaluation results of the number of types of cyberattacks in which the specified feature information of the cyberattack appears.

Abstract: A computer-implemented method includes: collecting transaction data concerning a specific virtual currency address from a blockchain; decrypting address information based on transaction details specified in the collected transaction data; collecting threat information concerning the address information based on the decrypted address information; and detecting a change in an attack scheme of a cyberattack using the virtual currency address, based on a time-series change in at least one item included in the transaction details specified in the collected transaction data and the collected threat information.

Abstract: A non-transitory recording medium on which an evaluating program related to a cyberattack is recorded, the evaluating program making a computer perform: collecting a plurality of pieces of cyberattack information; analyzing the collected plurality of pieces of cyberattack information; identifying an address of a cyberattack source included in the plurality of pieces of cyberattack information; determining an address group as a monitoring target of the cyberattack based on the identified address; calculating an evaluation value related to reliability of setting the address group as the monitoring target according to a state of detection of a cyberattack from an address included in the determined address group; and performing an output corresponding to the calculated evaluation value.

Abstract: A non-transitory computer-readable recording medium storing a program that causes a computer to execute a process the process includes acquiring malicious behavior data indicating behavior of a malicious domain used for each attack of a plurality of types of attacks, specifying a probability of detecting the behavior when each feature of a plurality of kinds of features that appears in the behavior is utilized to detect the behavior used for the each attack, based on the acquired malicious behavior data, analyzing usefulness of the each feature in detecting the behavior used for the each attack, based on the specified probability, and determining which type of attack among the plurality of types of attacks the malicious domain is used for with regard to behavior of an object domain when corresponding to the behavior of the malicious domain, based on a result of the analyzing.

Abstract: A cyber attack evaluation method includes transmitting, based on first domain information included in cyber attack information, an inquiry about whether a first IP address associated with the first domain information is stored to a first management server configured to store associations between domain information and IP addresses, transmitting another inquiry about a first answer history related to the first domain information to a second management server configured to store answer histories of the first management server by monitoring communication of the first management server, the answer histories being related to the associations between the domain information and the IP addresses, and outputting, based on an answer of the inquiry acquired from the first management server and the first answer history acquired from the second management server, a result of diagnosing threat content of a cyber attack related to the first domain information.

Abstract: A method executed by a computer, includes identifying, by using a blockchain indicating a cryptocurrency transaction, first addresses of a transaction source and a transaction partner in which the cryptocurrency transaction satisfying a condition has been performed in a first period; generating, by using the first addresses, a first graph having the respective cryptocurrency addresses of the transaction source and the transaction partner; identifying, by using the blockchain, second addresses of a transaction source and a transaction partner in which the cryptocurrency transaction satisfying the condition has been performed in a second period; generating, by using the second addresses, a second graph having the respective cryptocurrency addresses of the transaction source and the transaction partner; and detecting, by using the first graph and the second graph, a new cryptocurrency address in which the cryptocurrency transaction has been performed under the condition.

Abstract: A non-transitory computer-readable storage medium storing a detection program that causes a processor included in a noise estimation apparatus to execute a process, the process includes acquiring domain information included in cyber attack information, acquiring record information corresponding to the acquired domain information from a second managing server, the second managing server managing a response history of a first managing server by monitoring communication of the first managing server, the first managing server managing an association between domain information and an IP address, the response history being related to the association between the domain information and the IP address, identifying an IP address that is repeatedly used and a name server associated with the identified IP address by analyzing the record information, and outputting first list information indicating the identified IP address and the identified name server.

Abstract: A non-transitory computer-readable recording medium records a program for causing a computer to execute processes of: a collecting process of collecting a plurality of pieces of cyberattack information; a specifying process of analyzing the plurality of pieces of collected cyberattack information, specifying a plurality of addresses of cyberattack sources included in the plurality of pieces of cyberattack information, and specifying a period in which each of the specified addresses of the plurality of cyberattack sources is observed; a determining process of determining an address range or some addresses included in the address range as monitoring targets according to a result of comparing a first period distribution of an observed period corresponding to the plurality of specified addresses and a second period distribution of an observed period for each address range; and an outputting process of outputting information regarding the determined address range or some addresses included in the address range.

Abstract: An unauthorized communication detection apparatus comprises: a reception module configured to receive operational data; a transmission module configured to transmit the operational data; an acquisition module configured to acquire a correction value for correcting a determination expression for calculating a score for determining whether the operational data is involved in unauthorized communication, based on a parameter for extending an application range of a specific learning model and on a specific feature amount corresponding to the specific learning model among a plurality of feature amounts of the operational data; a determination module configured to calculate the score based on the plurality of learning models, the plurality of feature amounts, and the correction value, and determine whether the operational data is involved in unauthorized communication based on the calculated score; and a transmission control module configured to control the transmission of the operational data based on a determinati

Abstract: A evaluation method by a computer, the method includes: making, based on domain information included in input cyber attack information, an inquiry about whether an address associated with the domain information exists to multiple first servers that manage associations between the domain information and addresses; make an inquiry about an answer history related to the domain information to a second server that monitors communication of the first servers and manages answer histories, related to the associations between the domain information and the addresses, of the first servers; and outputting a result of diagnosing a threat detail of a cyber attack related to the domain information based on a ratio of the number of answers indicating that an address associated with the domain information does not exist with respect to the number of answers acquired from each of the first servers, and the answer histories acquired from the second server.

Abstract: A cyber attack evaluation method includes transmitting, based on first domain information included in cyber attack information, an inquiry about whether a first IP address associated with the first domain information is stored to a first management server configured to store associations between domain information and IP addresses, transmitting another inquiry about a first answer history related to the first domain information to a second management server configured to store answer histories of the first management server by monitoring communication of the first management server, the answer histories being related to the associations between the domain information and the IP addresses, and outputting, based on an answer of the inquiry acquired from the first management server and the first answer history acquired from the second management server, a result of diagnosing threat content of a cyber attack related to the first domain information.